Average Cyber-Crime Cost to Global Businesses Rises to $11.7M: Report

The average cost of cyber-crime incurred by businesses around the world has grown in 2017, according to a report from Accenture and the Ponemon Institute.  The 56-page 2017 Cost of Cyber Crime Study report, released on Sept. 26, is based on a survey of 2,182 security and IT professionals in 254 different organizations around the world. The report found that the global average per businesses cost of cyber-crime in 2017 is $11.7 million per organization, which is a 23 percent increase from 2016. Costs in the U.S. are even higher, with an average cost of $21 million, up from $17 million in 2016. This slideshow covers some of the most significant findings of the Accenture cyber-crime Study.

According to the report, over the past five years the average cost of cyber-crime has risen by 62 percent.

U.S. companies reported the highest total average cost of cyber-crime at $21 million, up from $17 million in 2016.

Looking at the cost of cyber-crime by industry, the report found that financial services firms had the highest costs coming in at $18.28 million. In contrast, the hospitality industry had the lowest average cost at $5.04 million.

The Accenture-Ponemon report found that 27 percent of surveyed organizations reported ransomware attacks in 2017, up from only 13 percent in 2016.

The cost of cyber-crime varies based on the type of attack and where the attack occurs. U.S. companies pay more to resolve all types of cyber-attacks, with malware attacks costing an average of $3.82 million. Botnet attacks are the least costly at an average of $640,000.

On average it takes the most amount of time to resolve attacks caused by malicious code, taking 55.2 days in 2017, up from 49.6 days in 2016. In contrast, it only took an average of 2.5 days to resolve botnet based attacks.

Cyber-crime detection activities account for 35 percent of total internal activity cost at organizations, while recovery accounts for 20 percent of costs.